all InfoSec news
Tsunami DDoS Malware Distributed to Linux SSH Servers
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab Security Emergency response Center (ASEC) has recently discovered an attack campaign that consists of the Tsunami DDoS Bot being installed on inadequately managed Linux SSH servers. Not only did the threat actor install Tsunami, but they also installed various other malware such as ShellBot, XMRig CoinMiner, and Log Cleaner.
When looking at the attack cases against poorly managed Linux SSH servers, most of them involve the installation of DDoS bots or CoinMiners. DDoS bot has been covered here in …
actor ahnlab asec attack bot campaign center coinminer ddos distributed emergency install linux log malware malware analysis managed response security servers shellbot ssh ssh servers threat threat actor tsunami xmrig